Fortinet v3.0 MR7 manual Server Certificate, Require Client Certificate, Encryption Key Algorithm

Models: v3.0 MR7

Configuring authenticated access

VPN authentication

Server Certificate

Select the signed server certificate to use for authentication purposes. If you leave the default setting (Self-Signed), the FortiGate unit offers its factory installed (self-signed) certificate from Fortinet to remote clients when they connect.

Require Client Certificate

If you want to enable the use of group certificates for authenticating remote clients, select the check box. Afterward, when the remote client initiates a connection, the FortiGate unit prompts the client for its client-side certificate as part of the authentication process.

Encryption Key Algorithm

Select the algorithm for creating a secure SSL connection between the remote client web browser and the FortiGate unit.

Default - RC4(128 bits) and higher

If the web browser on the remote client can match a cipher suite greater than or equal to 128 bits, select this option.

High - AES(128/256 bits) and 3DES

If the web browser on the remote client can match a high level of SSL encryption, select this option to enable cipher suites that use more than 128 bits to encrypt data.

Low - RC4(64 bits), DES and higher

If you are not sure which level of SSL encryption the remote client web browser supports, select this option to enable a cipher suite greater than or equal to 64 bits.

Idle Timeout

Type the period of time (in seconds) to control how long the connection can remain idle before the system forces the user to log in again. The range is from 10 to 28800 seconds. You can also set the value to 0 to have no idle connection timeout. This setting applies to the SSL VPN session. The interface does not time out when web application sessions or tunnels are up.

Portal Message

If you want to display a custom caption at the top of the web portal home page, type the message.

Advanced (DNS and WINS Servers)

DNS Server #1
DNS Server #2

Enter up to two DNS Servers to be provided for the use of clients.

WINS Server #1
WINS Server #2

Enter up to two WINS Servers to be provided for the use of clients.

Apply

Select to save and apply settings.
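
The settings above can be reviewed mechanically before they are applied. The following Python function is an added example, not part of the Fortinet guide; its dictionary keys and severity labels are assumptions made for illustration and are not FortiOS identifiers, and the two settings dictionaries are constructed samples.

```python
# Added example: audit the SSL VPN settings described on this page.
# Dictionary keys and severity labels are hypothetical names for this
# example, not FortiOS CLI or API identifiers.

def audit_sslvpn_settings(cfg):
    """Return a list of (severity, message) findings for one settings dict."""
    findings = []

    # Encryption Key Algorithm: Low admits 64-bit RC4 and DES suites.
    algo = str(cfg.get("encryption_key_algorithm", "")).lower()
    if algo not in ("default", "high", "low"):
        findings.append(("error", f"unknown algorithm level: {algo!r}"))
    elif algo == "low":
        findings.append(("high", "Low permits 64-bit RC4 and DES cipher suites"))
    elif algo == "default":
        findings.append(("medium", "Default permits RC4; High is AES and 3DES only"))

    # Server Certificate: remote clients cannot validate the factory
    # self-signed certificate against a CA they already trust.
    if cfg.get("server_certificate", "Self-Signed") == "Self-Signed":
        findings.append(("medium", "factory self-signed server certificate in use"))

    # Require Client Certificate: unchecked means no client-side certificate prompt.
    if not cfg.get("require_client_certificate", False):
        findings.append(("low", "client certificates are not required"))

    # Idle Timeout: valid values are 0 (no timeout) or 10 to 28800 seconds.
    timeout = cfg.get("idle_timeout")
    if isinstance(timeout, bool) or not isinstance(timeout, int):
        findings.append(("error", "idle timeout must be an integer (seconds)"))
    elif timeout == 0:
        findings.append(("medium", "idle timeout is 0: idle sessions never expire"))
    elif not 10 <= timeout <= 28800:
        findings.append(("error", f"idle timeout {timeout} outside 10-28800 seconds"))

    return findings

# Constructed sample settings (not taken from a real device).
WEAK = {"encryption_key_algorithm": "Low", "server_certificate": "Self-Signed",
        "require_client_certificate": False, "idle_timeout": 5}
HARDENED = {"encryption_key_algorithm": "High", "server_certificate": "vpn-gw-cert",
            "require_client_certificate": True, "idle_timeout": 300}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_sslvpn_settings(cfg))
```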

FortiOS v3.0 MR7 User Authentication User Guide

01-30007-0347-20080828